Daily Cybersecurity Roundup, July 31, 2024

Authentication mechanisms are prime targets for threat actors. This time, SMS-based authentication is at risk. A global attack campaign has been using thousands of Telegram bots to spread SMS-stealing malware on Android devices. Meanwhile, cybercriminals are targeting SMBs in Europe with phishing campaigns to deploy three malware families. According to a report by Acronis, email attacks have surged by 293% compared to the same period in 2023. Continue reading for more cybersecurity news.

01

A malicious campaign targeting Android devices globally is utilizing thousands of Telegram bots to infect devices with SMS-stealing malware, compromising OTPs for over 600 services.

02

Cybercriminals have been targeting SMBs in phishing campaigns across Poland, Italy, and Romania to deploy different malware families—Rescoms, Agent Tesla, and Formbook—via ModiLoader.

03

Attackers are leveraging the Tycoon 2FA Phish-kit to target Amazon Simple Email Service and a series of high-profile redirects to steal user credentials in a phishing campaign.

04

Threat actors targeted Microsoft in a DDoS attack, affecting its Azure cloud services and Microsoft 365 products worldwide and leading to intermittent errors, timeouts, and latency spikes.

05

The developers of EvilProxy, dubbed the ‘LockBit of phishing,’ have created guides for using Cloudflare to disguise malicious traffic, resulting in over a million attacks each month.

06

Microsoft issued a warning against ransomware gangs exploiting the CVE-2024-37085 vulnerability in VMware ESXi, allowing attackers to add a new user with full administrative privileges on the ESXi hypervisor.

07

Following the takedown of the Qakbot botnet, the UNC4393 threat group has been found using custom malware, including DarkGate and SilentNight, and diverse evasion techniques.

08

A critical local privilege escalation vulnerability, CVE-2024-41637, in RaspAP (versions before 3.1.5) could allow the www-data user to execute critical commands with sudo privileges without a password.

09

As per a report by Acronis, email attacks have surged by 293% compared to the same period in 2023, while ransomware detections have also risen, increasing by 32% from Q4 2023 to Q1 2024.

10

The software supply chain security solutions provider Lineaje closed a $20 million Series A funding round led by Prosperity7 Ventures, Neotribe, and Hitachi Ventures, alongside existing investor Tenable Ventures.